This commit is contained in:
commit
29d9ea4193
8
.dockerignore
Normal file
8
.dockerignore
Normal file
@ -0,0 +1,8 @@
|
||||
.git
|
||||
.git*
|
||||
.drone.*
|
||||
*.md
|
||||
.dockerignore
|
||||
Dockerfile
|
||||
Dockerfile.*
|
||||
docker-compose.yml
|
135
.drone.jsonnet
Normal file
135
.drone.jsonnet
Normal file
@ -0,0 +1,135 @@
|
||||
local PipelineBuild(os='linux', arch='amd64') = {
|
||||
local tag = os + '-' + arch,
|
||||
local version_tag = os + '-' + arch,
|
||||
local file_suffix = std.strReplace(version_tag, '-', '.'),
|
||||
kind: "pipeline",
|
||||
name: version_tag,
|
||||
platform: {
|
||||
os: os,
|
||||
arch: arch,
|
||||
},
|
||||
steps: [
|
||||
{
|
||||
name: 'dryrun',
|
||||
image: 'plugins/docker:' + tag,
|
||||
pull: 'always',
|
||||
settings: {
|
||||
dry_run: true,
|
||||
tags: version_tag,
|
||||
dockerfile: './Dockerfile.' + file_suffix,
|
||||
repo: ' xoxys/kanboard',
|
||||
username: { from_secret: "docker_username" },
|
||||
password: { from_secret: "docker_password" },
|
||||
build_args: {
|
||||
KANBOARD_ORG_VERSION: "${DRONE_TAG##v}",
|
||||
KANBOARD_VERSION: "${KANBOARD_ORG_VERSION%.*}",
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
name: 'publish',
|
||||
image: 'plugins/docker:' + tag,
|
||||
pull: 'always',
|
||||
settings: {
|
||||
auto_tag: true,
|
||||
auto_tag_suffix: version_tag,
|
||||
dockerfile: './Dockerfile.' + file_suffix,
|
||||
repo: ' xoxys/kanboard',
|
||||
username: { from_secret: "docker_username" },
|
||||
password: { from_secret: "docker_password" },
|
||||
build_args: {
|
||||
KANBOARD_ORG_VERSION: "${DRONE_TAG##v}",
|
||||
KANBOARD_VERSION: "${KANBOARD_ORG_VERSION%.*}",
|
||||
},
|
||||
},
|
||||
when: {
|
||||
ref: [
|
||||
'refs/heads/master',
|
||||
'refs/tags/**',
|
||||
],
|
||||
},
|
||||
},
|
||||
],
|
||||
};
|
||||
|
||||
local PipelineNotifications(depends_on=[]) = {
|
||||
kind: "pipeline",
|
||||
name: "notifications",
|
||||
platform: {
|
||||
os: "linux",
|
||||
arch: "amd64",
|
||||
},
|
||||
steps: [
|
||||
{
|
||||
image: "plugins/manifest",
|
||||
name: "manifest",
|
||||
pull: "always",
|
||||
settings: {
|
||||
auto_tag: true,
|
||||
ignore_missing: true,
|
||||
username: { from_secret: "docker_username" },
|
||||
password: { from_secret: "docker_password" },
|
||||
spec: "./manifest.tmpl",
|
||||
},
|
||||
when: {
|
||||
ref: [
|
||||
'refs/heads/master',
|
||||
'refs/tags/**',
|
||||
],
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "readme",
|
||||
image: "sheogorath/readme-to-dockerhub",
|
||||
pull: "always",
|
||||
environment: {
|
||||
DOCKERHUB_USERNAME: { from_secret: "docker_username" },
|
||||
DOCKERHUB_PASSWORD: { from_secret: "docker_password" },
|
||||
DOCKERHUB_REPO_PREFIX: "xoxys",
|
||||
DOCKERHUB_REPO_NAME: "kanboard",
|
||||
README_PATH: "README.md",
|
||||
SHORT_DESCRIPTION: "Tiny Tiny RSS - free and open source news feed reader and aggregator"
|
||||
},
|
||||
when: {
|
||||
ref: [
|
||||
'refs/heads/master',
|
||||
'refs/tags/**',
|
||||
],
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "microbadger",
|
||||
image: "plugins/webhook",
|
||||
pull: "always",
|
||||
settings: {
|
||||
urls: { from_secret: "microbadger_url" },
|
||||
},
|
||||
},
|
||||
{
|
||||
image: "plugins/matrix",
|
||||
name: "matrix",
|
||||
pull: 'always',
|
||||
settings: {
|
||||
homeserver: "https://matrix.rknet.org",
|
||||
roomid: "MtidqQXWWAtQcByBhH:rknet.org",
|
||||
template: "Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}",
|
||||
username: { from_secret: "matrix_username" },
|
||||
password: { from_secret: "matrix_password" },
|
||||
},
|
||||
when: {
|
||||
status: [ "success", "failure" ],
|
||||
},
|
||||
},
|
||||
],
|
||||
trigger: {
|
||||
status: [ "success", "failure" ],
|
||||
},
|
||||
depends_on: depends_on,
|
||||
};
|
||||
|
||||
[
|
||||
PipelineBuild(os='linux', arch='amd64'),
|
||||
PipelineNotifications(depends_on=[
|
||||
"linux-amd64",
|
||||
])
|
||||
]
|
123
.drone.yml
Normal file
123
.drone.yml
Normal file
@ -0,0 +1,123 @@
|
||||
---
|
||||
kind: pipeline
|
||||
name: linux-amd64
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: amd64
|
||||
|
||||
steps:
|
||||
- name: dryrun
|
||||
pull: always
|
||||
image: plugins/docker:linux-amd64
|
||||
settings:
|
||||
build_args:
|
||||
KANBOARD_ORG_VERSION: "${DRONE_TAG##v}"
|
||||
KANBOARD_VERSION: "${KANBOARD_ORG_VERSION%.*}"
|
||||
dockerfile: ./Dockerfile.linux.amd64
|
||||
dry_run: true
|
||||
password:
|
||||
from_secret: docker_password
|
||||
repo: xoxys/kanboard
|
||||
tags: linux-amd64
|
||||
username:
|
||||
from_secret: docker_username
|
||||
|
||||
- name: publish
|
||||
pull: always
|
||||
image: plugins/docker:linux-amd64
|
||||
settings:
|
||||
auto_tag: true
|
||||
auto_tag_suffix: linux-amd64
|
||||
build_args:
|
||||
KANBOARD_ORG_VERSION: "${DRONE_TAG##v}"
|
||||
KANBOARD_VERSION: "${KANBOARD_ORG_VERSION%.*}"
|
||||
dockerfile: ./Dockerfile.linux.amd64
|
||||
password:
|
||||
from_secret: docker_password
|
||||
repo: xoxys/kanboard
|
||||
username:
|
||||
from_secret: docker_username
|
||||
when:
|
||||
ref:
|
||||
- refs/heads/master
|
||||
- "refs/tags/**"
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
name: notifications
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: amd64
|
||||
|
||||
steps:
|
||||
- name: manifest
|
||||
pull: always
|
||||
image: plugins/manifest
|
||||
settings:
|
||||
auto_tag: true
|
||||
ignore_missing: true
|
||||
password:
|
||||
from_secret: docker_password
|
||||
spec: ./manifest.tmpl
|
||||
username:
|
||||
from_secret: docker_username
|
||||
when:
|
||||
ref:
|
||||
- refs/heads/master
|
||||
- "refs/tags/**"
|
||||
|
||||
- name: readme
|
||||
pull: always
|
||||
image: sheogorath/readme-to-dockerhub
|
||||
environment:
|
||||
DOCKERHUB_PASSWORD:
|
||||
from_secret: docker_password
|
||||
DOCKERHUB_REPO_NAME: kanboard
|
||||
DOCKERHUB_REPO_PREFIX: xoxys
|
||||
DOCKERHUB_USERNAME:
|
||||
from_secret: docker_username
|
||||
README_PATH: README.md
|
||||
SHORT_DESCRIPTION: Tiny Tiny RSS - free and open source news feed reader and aggregator
|
||||
when:
|
||||
ref:
|
||||
- refs/heads/master
|
||||
- "refs/tags/**"
|
||||
|
||||
- name: microbadger
|
||||
pull: always
|
||||
image: plugins/webhook
|
||||
settings:
|
||||
urls:
|
||||
from_secret: microbadger_url
|
||||
|
||||
- name: matrix
|
||||
pull: always
|
||||
image: plugins/matrix
|
||||
settings:
|
||||
homeserver: https://matrix.rknet.org
|
||||
password:
|
||||
from_secret: matrix_password
|
||||
roomid: MtidqQXWWAtQcByBhH:rknet.org
|
||||
template: "Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}"
|
||||
username:
|
||||
from_secret: matrix_username
|
||||
when:
|
||||
status:
|
||||
- success
|
||||
- failure
|
||||
|
||||
trigger:
|
||||
status:
|
||||
- success
|
||||
- failure
|
||||
|
||||
depends_on:
|
||||
- linux-amd64
|
||||
|
||||
---
|
||||
kind: signature
|
||||
hmac: 8e1ef31eafeeeac65a4a5cf9689dd6e66a97f8724a371e7e4b1319fbedc9276f
|
||||
|
||||
...
|
37
Dockerfile.linux.amd64
Normal file
37
Dockerfile.linux.amd64
Normal file
@ -0,0 +1,37 @@
|
||||
FROM alpine:3.10.0
|
||||
|
||||
LABEL maintainer="Robert Kaussow <mail@geeklabor.de>" \
|
||||
org.label-schema.name="TT-RSS" \
|
||||
org.label-schema.version="1.2" \
|
||||
org.label-schema.vendor="Robert Kaussow" \
|
||||
org.label-schema.schema-version="1.0"
|
||||
|
||||
ARG KANBOARD_VERSION=master
|
||||
ARG KANBOARD_TARBALL=https://github.com/kanboard/kanboard/archive/${KANBOARD_VERSION}.tar.gz
|
||||
|
||||
RUN apk --update add --virtual .build-deps tar curl && \
|
||||
apk --update add nginx ca-certificates s6 ssmtp mailx php7 php7-phar php7-curl \
|
||||
php7-fpm php7-json php7-zlib php7-xml php7-dom php7-ctype php7-opcache php7-zip php7-iconv \
|
||||
php7-pdo php7-pdo_mysql php7-pdo_sqlite php7-pdo_pgsql php7-mbstring php7-session php7-bcmath \
|
||||
php7-gd php7-mcrypt php7-openssl php7-sockets php7-posix php7-ldap php7-simplexml && \
|
||||
rm -rf /var/www/localhost && \
|
||||
rm -f /etc/php7/php-fpm.d/www.conf && \
|
||||
mkdir -p /var/www/app && \
|
||||
curl -SsL -o /usr/local/bin/gomplate https://github.com/hairyhenderson/gomplate/releases/download/v3.5.0/gomplate_linux-amd64-slim && \
|
||||
chmod 755 /usr/local/bin/gomplate && \
|
||||
curl -SsL ${KANBOARD_TARBALL} | tar xz -C /var/www/app/ --strip-components=1 && \
|
||||
curl -SsL -o /etc/php7/browscap.ini https://browscap.org/stream?q=Lite_PHP_BrowsCapINI && \
|
||||
apk del .build-deps && \
|
||||
rm -rf /var/cache/apk/* && \
|
||||
rm -rf /tmp/*
|
||||
|
||||
ADD overlay/ /
|
||||
|
||||
VOLUME /var/www/app/plugins
|
||||
|
||||
EXPOSE 80
|
||||
|
||||
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
|
||||
HEALTHCHECK --interval=30s --timeout=10s --retries=3 CMD /usr/local/bin/healthcheck.sh
|
||||
WORKDIR /var/www/app
|
||||
CMD []
|
21
LICENSE
Normal file
21
LICENSE
Normal file
@ -0,0 +1,21 @@
|
||||
MIT License
|
||||
|
||||
Copyright (c) 2019 Robert Kaussow
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is furnished
|
||||
to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice (including the next
|
||||
paragraph) shall be included in all copies or substantial portions of the
|
||||
Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
||||
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS
|
||||
OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
|
||||
WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF
|
||||
OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
157
README.md
Normal file
157
README.md
Normal file
@ -0,0 +1,157 @@
|
||||
# [kanboard](https://gitea.rknet.org/docker/kanboard)
|
||||
|
||||
[![Build Status](https://drone.rknet.org/api/badges/docker/kanboard/status.svg)](https://drone.rknet.org/docker/kanboard/)
|
||||
[![Microbadger](https://images.microbadger.com/badges/image/xoxys/kanboard.svg)](https://microbadger.com/images/xoxys/kanboard "Get your own image badge on microbadger.com")
|
||||
|
||||
Kanboard is project management software that focuses on the Kanban methodology.
|
||||
|
||||
## Usage
|
||||
|
||||
Here are some example snippets to help you get started creating a container.
|
||||
|
||||
> **WARNING**: For production usage you should secure your database and NOT use the default credentials!
|
||||
|
||||
### Docker
|
||||
|
||||
```Shell
|
||||
docker create \
|
||||
--name=kanboard \
|
||||
-p 80:80 \
|
||||
xoxys/kanboard
|
||||
```
|
||||
|
||||
### Docker Compose
|
||||
|
||||
Compatible with docker-compose v2 schemas.
|
||||
|
||||
```Yaml
|
||||
---
|
||||
version: '2.1'
|
||||
|
||||
services:
|
||||
kanboard:
|
||||
image: kanboard/kanboard:latest
|
||||
ports:
|
||||
- "80:80"
|
||||
volumes:
|
||||
- kanboard_data:/var/www/app/data
|
||||
- kanboard_plugins:/var/www/app/plugins
|
||||
|
||||
volumes:
|
||||
kanboard_data:
|
||||
driver: local
|
||||
kanboard_plugins:
|
||||
driver: local
|
||||
```
|
||||
|
||||
## Environment variables
|
||||
|
||||
### TT-RSS
|
||||
|
||||
```Shell
|
||||
KANBOARD_PLUGIN_INSTALLER=false
|
||||
KANBOARD_CACHE_DRIVER=memory
|
||||
KANBOARD_MAIL_CONFIGURATION=true
|
||||
KANBOARD_MAIL_FROM=
|
||||
KANBOARD_MAIL_TRANSPORT=mail
|
||||
KANBOARD_MAIL_SMTP_HOSTNAME
|
||||
KANBOARD_MAIL_SMTP_PORT=25
|
||||
KANBOARD_MAIL_SMTP_USERNAME=
|
||||
KANBOARD_MAIL_SMTP_PASSWORD=
|
||||
KANBOARD_MAIL_SMTP_ENCRYPTION=null
|
||||
KANBOARD_MAIL_SENDMAIL_COMMAND=/usr/sbin/sendmail -bs
|
||||
KANBOARD_DB_RUN_MIGRATIONS=true
|
||||
KANBOARD_DB_DRIVER=sqlite
|
||||
KANBOARD_DB_USERNAME=root
|
||||
KANBOARD_DB_PASSWORD=root
|
||||
KANBOARD_DB_HOSTNAME=localhost
|
||||
KANBOARD_DB_NAME=kanboard
|
||||
KANBOARD_DB_PORT=null
|
||||
KANBOARD_DB_SSL_KEY=null
|
||||
KANBOARD_DB_SSL_CERT=null
|
||||
KANBOARD_DB_SSL_CA=null
|
||||
KANBOARD_DB_VERIFY_SERVER_CERT=null
|
||||
KANBOARD_DB_TIMEOUT=null
|
||||
KANBOARD_LDAP_AUTH=false
|
||||
KANBOARD_LDAP_SERVER
|
||||
KANBOARD_LDAP_PORT=389
|
||||
KANBOARD_LDAP_SSL_VERIFY=true
|
||||
KANBOARD_LDAP_START_TLS=false
|
||||
KANBOARD_LDAP_USERNAME_CASE_SENSITIVE=false
|
||||
KANBOARD_LDAP_BIND_TYPE=anonymous
|
||||
KANBOARD_LDAP_USERNAME=null
|
||||
KANBOARD_LDAP_PASSWORD=null
|
||||
KANBOARD_LDAP_USER_BASE_DN=
|
||||
KANBOARD_LDAP_USER_FILTER=
|
||||
KANBOARD_LDAP_USER_ATTRIBUTE_USERNAME=uid
|
||||
KANBOARD_LDAP_USER_ATTRIBUTE_FULLNAME=cn
|
||||
KANBOARD_LDAP_USER_ATTRIBUTE_EMAIL=mail
|
||||
KANBOARD_LDAP_USER_ATTRIBUTE_GROUPS=memberof
|
||||
KANBOARD_LDAP_USER_ATTRIBUTE_PHOTO=
|
||||
KANBOARD_LDAP_USER_ATTRIBUTE_LANGUAGE=
|
||||
KANBOARD_LDAP_USER_CREATION=true
|
||||
KANBOARD_LDAP_GROUP_ADMIN_DN=
|
||||
KANBOARD_LDAP_GROUP_MANAGER_DN=
|
||||
KANBOARD_LDAP_GROUP_PROVIDER=false
|
||||
KANBOARD_LDAP_GROUP_BASE_DN=
|
||||
KANBOARD_LDAP_GROUP_FILTER=
|
||||
KANBOARD_LDAP_GROUP_USER_FILTER=
|
||||
KANBOARD_LDAP_GROUP_ATTRIBUTE_NAME=cn
|
||||
KANBOARD_REVERSE_PROXY_AUTH=false
|
||||
KANBOARD_REVERSE_PROXY_USER_HEADER=REMOTE_USER
|
||||
KANBOARD_REVERSE_PROXY_DEFAULT_ADMIN=
|
||||
KANBOARD_REVERSE_PROXY_DEFAULT_DOMAIN=
|
||||
KANBOARD_REMEMBER_ME_AUTH=true
|
||||
KANBOARD_MARKDOWN_ESCAPE_HTML=true
|
||||
KANBOARD_API_AUTHENTICATION_HEADER=
|
||||
KANBOARD_ENABLE_URL_REWRITE=false
|
||||
KANBOARD_HIDE_LOGIN_FORM=false
|
||||
KANBOARD_DISABLE_LOGOUT=false
|
||||
KANBOARD_BRUTEFORCE_CAPTCHA=3
|
||||
KANBOARD_BRUTEFORCE_LOCKDOWN=6
|
||||
KANBOARD_BRUTEFORCE_LOCKDOWN_DURATION=15
|
||||
KANBOARD_SESSION_DURATION=0
|
||||
KANBOARD_HTTP_PROXY_HOSTNAME=
|
||||
KANBOARD_HTTP_PROXY_PORT=3128
|
||||
KANBOARD_HTTP_PROXY_USERNAME=
|
||||
KANBOARD_HTTP_PROXY_PASSWORD=
|
||||
KANBOARD_HTTP_PROXY_EXCLUDE=localhost
|
||||
KANBOARD_HTTP_VERIFY_SSL_CERTIFICATE=true
|
||||
KANBOARD_TOTP_ISSUER=Kanboard
|
||||
KANBOARD_EXTERNAL_AUTH_EXCLUDE_FIELDS=username
|
||||
```
|
||||
|
||||
### PHP
|
||||
|
||||
```Shell
|
||||
PHP_EXPOSE_PHP=Off
|
||||
PHP_MAX_EXECUTION_TIME=30
|
||||
PHP_MAX_INPUT_TIME=60
|
||||
PHP_MEMORY_LIMIT=50M
|
||||
PHP_ERROR_REPORTING=E_ALL & ~E_DEPRECATED & ~E_STRICT
|
||||
PHP_DISPLAY_ERRORS=Off
|
||||
PHP_DISPLAY_STARTUP_ERRORS=Off
|
||||
PHP_LOG_ERRORS=On
|
||||
PHP_LOG_ERRORS_MAX_LEN=1024
|
||||
PHP_IGNORE_REPEATED_ERRORS=Off
|
||||
PHP_IGNORE_REPEATED_SOURCE=Off
|
||||
PHP_REPORT_MEMLEAKS=On
|
||||
PHP_HTML_ERRORSOn
|
||||
PHP_ERROR_LOG=/proc/self/fd/2
|
||||
PHP_POST_MAX_SIZE=8M
|
||||
PHP_FILE_UPLOADS=Off
|
||||
PHP_UPLOAD_MAX_FILESIZE=2M
|
||||
PHP_MAX_FILE_UPLOADS=2
|
||||
PHP_ALLOW_URL_FOPEN=On
|
||||
PHP_ALLOW_URL_INCLUDE=Off
|
||||
PHP_DATE_TIMEZONE=Europe/Berlin
|
||||
PHP_SQL_SAFE_MODE=On
|
||||
```
|
||||
|
||||
### License
|
||||
|
||||
This project is licensed under the MIT License - see the [LICENSE](https://gitea.rknet.org/docker/kanboard/src/branch/master/LICENSE) file for details.
|
||||
|
||||
### Maintainers and Contributors
|
||||
|
||||
[Robert Kaussow](https://gitea.rknet.org/xoxys)
|
18
docker-compose.yml
Normal file
18
docker-compose.yml
Normal file
@ -0,0 +1,18 @@
|
||||
version: '2.1'
|
||||
|
||||
services:
|
||||
kanboard:
|
||||
image: xoxys/kanboard:latest
|
||||
ports:
|
||||
- "80:80"
|
||||
volumes:
|
||||
- kanboard_data:/var/www/app/data
|
||||
- kanboard_plugins:/var/www/app/plugins
|
||||
environment:
|
||||
KANBOARD_PLUGIN_INSTALLER: "true"
|
||||
|
||||
volumes:
|
||||
kanboard_data:
|
||||
driver: local
|
||||
kanboard_plugins:
|
||||
driver: local
|
12
manifest.tmpl
Normal file
12
manifest.tmpl
Normal file
@ -0,0 +1,12 @@
|
||||
image: xoxys/kanboard:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
|
||||
{{#if build.tags}}
|
||||
tags:
|
||||
{{#each build.tags}}
|
||||
- {{this}}
|
||||
{{/each}}
|
||||
{{/if}}
|
||||
manifests:
|
||||
- image: xoxys/kanboard:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64
|
||||
platform:
|
||||
architecture: amd64
|
||||
os: linux
|
1
overlay/etc/crontabs/nginx
Normal file
1
overlay/etc/crontabs/nginx
Normal file
@ -0,0 +1 @@
|
||||
0 8 * * * cd /var/www/app && ./cli cronjob >/dev/null 2>&1
|
76
overlay/etc/nginx/nginx.conf
Normal file
76
overlay/etc/nginx/nginx.conf
Normal file
@ -0,0 +1,76 @@
|
||||
user nginx;
|
||||
worker_processes 1;
|
||||
pid /var/run/nginx.pid;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
http {
|
||||
include mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
tcp_nodelay on;
|
||||
keepalive_timeout 65;
|
||||
server_tokens off;
|
||||
access_log off;
|
||||
error_log /dev/stderr;
|
||||
|
||||
fastcgi_buffers 16 16k;
|
||||
fastcgi_buffer_size 32k;
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
server_name localhost;
|
||||
index index.php;
|
||||
root /var/www/app;
|
||||
client_max_body_size 32M;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php$is_args$args;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
try_files $uri =404;
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_pass unix:/var/run/php-fpm.sock;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
}
|
||||
|
||||
location ~ /data {
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(log|sqlite)$ {
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ /\.ht {
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(ico|jpg|gif|png|css|js|svg|eot|ttf|woff|woff2|otf)$ {
|
||||
log_not_found off;
|
||||
expires 7d;
|
||||
etag on;
|
||||
}
|
||||
|
||||
gzip on;
|
||||
gzip_comp_level 3;
|
||||
gzip_disable "msie6";
|
||||
gzip_vary on;
|
||||
gzip_types
|
||||
text/javascript
|
||||
application/javascript
|
||||
application/json
|
||||
text/xml
|
||||
application/xml
|
||||
application/rss+xml
|
||||
text/css
|
||||
text/plain;
|
||||
}
|
||||
}
|
21
overlay/etc/php7/php-fpm.conf
Normal file
21
overlay/etc/php7/php-fpm.conf
Normal file
@ -0,0 +1,21 @@
|
||||
[global]
|
||||
error_log = /proc/self/fd/2
|
||||
log_level = warning
|
||||
daemonize = no
|
||||
|
||||
[www]
|
||||
catch_workers_output = yes
|
||||
|
||||
user = nginx
|
||||
group = nginx
|
||||
|
||||
listen.owner = nginx
|
||||
listen.group = nginx
|
||||
listen = /var/run/php-fpm.sock
|
||||
|
||||
pm = dynamic
|
||||
pm.max_children = 20
|
||||
pm.start_servers = 1
|
||||
pm.min_spare_servers = 1
|
||||
pm.max_spare_servers = 3
|
||||
pm.max_requests = 2048
|
391
overlay/etc/php7/php.ini
Normal file
391
overlay/etc/php7/php.ini
Normal file
@ -0,0 +1,391 @@
|
||||
[PHP]
|
||||
user_ini.filename = ".user.ini"
|
||||
user_ini.cache_ttl = 300
|
||||
|
||||
engine = On
|
||||
short_open_tag = Off
|
||||
|
||||
precision = 14
|
||||
|
||||
output_buffering = 0
|
||||
;output_handler =
|
||||
|
||||
zlib.output_compression = Off
|
||||
;zlib.output_compression_level = -1
|
||||
;zlib.output_handler =
|
||||
|
||||
implicit_flush = Off
|
||||
|
||||
unserialize_callback_func =
|
||||
serialize_precision = 17
|
||||
|
||||
open_basedir = "/var/www/app:/var/lib/php/tmp_upload:/var/lib/php/session:/var/lib/php/soap_cache"
|
||||
|
||||
disable_functions = system, exec, shell_exec, phpinfo, show_source, highlight_file, popen, proc_open, fopen_with_path, dbmopen, dbase_open, putenv, move_uploaded_file, mkdir, rmdir, chmod, rename, filepro, filepro_rowcount, filepro_retrieve, posix_mkfifo
|
||||
disable_classes =
|
||||
|
||||
;highlight.string = #DD0000
|
||||
;highlight.comment = #FF9900
|
||||
;highlight.keyword = #007700
|
||||
;highlight.default = #0000BB
|
||||
;highlight.html = #000000
|
||||
|
||||
;ignore_user_abort = On
|
||||
|
||||
;realpath_cache_size = 16k
|
||||
;realpath_cache_ttl = 120
|
||||
|
||||
zend.enable_gc = On
|
||||
;zend.multibyte = Off
|
||||
;zend.script_encoding =
|
||||
|
||||
expose_php = Off
|
||||
|
||||
max_execution_time = 30
|
||||
max_input_time = 60
|
||||
;max_input_nesting_level = 64
|
||||
max_input_vars = 100
|
||||
memory_limit = 50M
|
||||
|
||||
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
|
||||
display_errors = Off
|
||||
display_startup_errors = Off
|
||||
log_errors = On
|
||||
log_errors_max_len = 1024
|
||||
ignore_repeated_errors = Off
|
||||
ignore_repeated_source = Off
|
||||
report_memleaks = On
|
||||
;report_zend_debug = 0
|
||||
;xmlrpc_errors = 0
|
||||
;xmlrpc_error_number = 0
|
||||
html_errors = On
|
||||
;docref_root = "/phpmanual/"
|
||||
;docref_ext = .html
|
||||
;error_prepend_string = "<span style='color: #ff0000'>"
|
||||
;error_append_string = "</span>"
|
||||
error_log = /proc/self/fd/2
|
||||
;windows.show_crt_warning
|
||||
|
||||
;arg_separator.output = "&"
|
||||
;arg_separator.input = ";&"
|
||||
|
||||
variables_order = "GPCS"
|
||||
request_order = "GP"
|
||||
|
||||
register_argc_argv = Off
|
||||
auto_globals_jit = On
|
||||
;enable_post_data_reading = Off
|
||||
post_max_size = 8M
|
||||
|
||||
auto_prepend_file =
|
||||
auto_append_file =
|
||||
|
||||
default_mimetype = "text/html"
|
||||
default_charset = "UTF-8"
|
||||
;internal_encoding =
|
||||
;input_encoding =
|
||||
;output_encoding =
|
||||
|
||||
;include_path = ".:/php7/includes"
|
||||
|
||||
doc_root =
|
||||
user_dir =
|
||||
|
||||
extension_dir = "/usr/lib/php7/modules"
|
||||
;sys_temp_dir = "/tmp"
|
||||
enable_dl = Off
|
||||
|
||||
cgi.force_redirect = 1
|
||||
;cgi.nph = 1
|
||||
;cgi.redirect_status_env =
|
||||
cgi.fix_pathinfo = 0
|
||||
cgi.discard_path = 1
|
||||
|
||||
;fastcgi.impersonate = 1
|
||||
;fastcgi.logging = 0
|
||||
;cgi.rfc2616_headers = 0
|
||||
;cgi.check_shebang_line = 1
|
||||
|
||||
file_uploads = Off
|
||||
upload_tmp_dir = /var/lib/php/tmp_upload
|
||||
upload_max_filesize = 2M
|
||||
max_file_uploads = 2
|
||||
|
||||
allow_url_fopen = On
|
||||
allow_url_include = Off
|
||||
|
||||
;from="john@doe.com"
|
||||
;user_agent="PHP"
|
||||
|
||||
default_socket_timeout = 60
|
||||
;auto_detect_line_endings = Off
|
||||
|
||||
[CLI Server]
|
||||
cli_server.color = On
|
||||
|
||||
[Date]
|
||||
date.timezone = Europe/Berlin
|
||||
;date.default_latitude = 31.7667
|
||||
;date.default_longitude = 35.2333
|
||||
;date.sunrise_zenith = 90.583333
|
||||
;date.sunset_zenith = 90.583333
|
||||
|
||||
[filter]
|
||||
;filter.default = unsafe_raw
|
||||
;filter.default_flags =
|
||||
|
||||
[iconv]
|
||||
;iconv.input_encoding =
|
||||
;iconv.internal_encoding =
|
||||
;iconv.output_encoding =
|
||||
|
||||
[intl]
|
||||
;intl.default_locale =
|
||||
;intl.error_level = E_WARNING
|
||||
;intl.use_exceptions = 0
|
||||
|
||||
[sqlite3]
|
||||
;sqlite3.extension_dir =
|
||||
|
||||
[Pcre]
|
||||
;pcre.backtrack_limit = 100000
|
||||
;pcre.recursion_limit = 100000
|
||||
;pcre.jit = 1
|
||||
|
||||
[Pdo]
|
||||
;pdo_odbc.connection_pooling = strict
|
||||
;pdo_odbc.db2_instance_name
|
||||
|
||||
[Pdo_mysql]
|
||||
pdo_mysql.cache_size = 2000
|
||||
pdo_mysql.default_socket =
|
||||
|
||||
[Phar]
|
||||
;phar.readonly = On
|
||||
;phar.require_hash = On
|
||||
;phar.cache_list =
|
||||
|
||||
[mail function]
|
||||
SMTP = localhost
|
||||
smtp_port = 25
|
||||
;sendmail_path =
|
||||
|
||||
;mail.force_extra_parameters =
|
||||
mail.add_x_header = On
|
||||
;mail.log =
|
||||
;mail.log = syslog
|
||||
|
||||
[SQL]
|
||||
sql.safe_mode = On
|
||||
|
||||
[ODBC]
|
||||
;odbc.default_db = Not yet implemented
|
||||
;odbc.default_user = Not yet implemented
|
||||
;odbc.default_pw = Not yet implemented
|
||||
;odbc.default_cursortype
|
||||
odbc.allow_persistent = On
|
||||
odbc.check_persistent = On
|
||||
odbc.max_persistent = -1
|
||||
odbc.max_links = -1
|
||||
odbc.defaultlrl = 4096
|
||||
odbc.defaultbinmode = 1
|
||||
;birdstep.max_links = -1
|
||||
|
||||
[Interbase]
|
||||
ibase.allow_persistent = 1
|
||||
ibase.max_persistent = -1
|
||||
ibase.max_links = -1
|
||||
;ibase.default_db =
|
||||
;ibase.default_user =
|
||||
;ibase.default_password =
|
||||
;ibase.default_charset =
|
||||
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
|
||||
ibase.dateformat = "%Y-%m-%d"
|
||||
ibase.timeformat = "%H:%M:%S"
|
||||
|
||||
[MySQLi]
|
||||
;mysqli.allow_local_infile = On
|
||||
mysqli.max_persistent = -1
|
||||
mysqli.allow_persistent = On
|
||||
mysqli.max_links = -1
|
||||
mysqli.cache_size = 2000
|
||||
mysqli.default_port = 3306
|
||||
mysqli.default_socket =
|
||||
mysqli.default_host =
|
||||
mysqli.default_user =
|
||||
mysqli.default_pw =
|
||||
mysqli.reconnect = Off
|
||||
|
||||
[mysqlnd]
|
||||
mysqlnd.collect_statistics = On
|
||||
mysqlnd.collect_memory_statistics = Off
|
||||
;mysqlnd.debug =
|
||||
;mysqlnd.log_mask = 0
|
||||
;mysqlnd.mempool_default_size = 16000
|
||||
;mysqlnd.net_cmd_buffer_size = 2048
|
||||
;mysqlnd.net_read_buffer_size = 32768
|
||||
;mysqlnd.net_read_timeout = 31536000
|
||||
;mysqlnd.sha256_server_public_key =
|
||||
|
||||
[OCI8]
|
||||
;oci8.privileged_connect = Off
|
||||
;oci8.max_persistent = -1
|
||||
;oci8.persistent_timeout = -1
|
||||
;oci8.ping_interval = 60
|
||||
;oci8.connection_class =
|
||||
;oci8.events = Off
|
||||
;oci8.statement_cache_size = 20
|
||||
;oci8.default_prefetch = 100
|
||||
;oci8.old_oci_close_semantics = Off
|
||||
|
||||
[PostgreSQL]
|
||||
pgsql.allow_persistent = On
|
||||
pgsql.auto_reset_persistent = Off
|
||||
pgsql.max_persistent = -1
|
||||
pgsql.max_links = -1
|
||||
pgsql.ignore_notice = 0
|
||||
pgsql.log_notice = 0
|
||||
|
||||
[bcmath]
|
||||
bcmath.scale = 0
|
||||
|
||||
[browscap]
|
||||
browscap = /etc/php7/browscap.ini
|
||||
|
||||
[Session]
|
||||
session.save_handler = files
|
||||
session.save_path = "/var/lib/php/session"
|
||||
session.use_strict_mode = 1
|
||||
session.use_cookies = 1
|
||||
session.cookie_secure = 0
|
||||
session.use_only_cookies = 1
|
||||
session.name = PHPSESSID
|
||||
session.auto_start = Off
|
||||
session.cookie_lifetime = 14400
|
||||
session.cookie_path = /
|
||||
session.cookie_domain =
|
||||
session.cookie_httponly = 1
|
||||
session.serialize_handler = php
|
||||
session.gc_probability = 1
|
||||
session.gc_divisor = 1000
|
||||
session.gc_maxlifetime = 1440
|
||||
session.referer_check =
|
||||
;session.entropy_length = 32
|
||||
;session.entropy_file = /dev/urandom
|
||||
session.cache_limiter = nocache
|
||||
session.cache_expire = 30
|
||||
session.use_trans_sid = 0
|
||||
session.hash_function = sha512
|
||||
session.hash_bits_per_character = 5
|
||||
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
|
||||
;session.upload_progress.enabled = On
|
||||
;session.upload_progress.cleanup = On
|
||||
;session.upload_progress.prefix = "upload_progress_"
|
||||
;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS"
|
||||
;session.upload_progress.freq = "1%"
|
||||
;session.upload_progress.min_freq = "1"
|
||||
;session.lazy_write = On
|
||||
|
||||
[Assertion]
|
||||
zend.assertions = -1
|
||||
;assert.active = On
|
||||
;assert.exception = On
|
||||
;assert.warning = On
|
||||
;assert.bail = Off
|
||||
;assert.callback = 0
|
||||
;assert.quiet_eval = 0
|
||||
|
||||
[COM]
|
||||
;com.typelib_file =
|
||||
;com.allow_dcom = true
|
||||
;com.autoregister_typelib = true
|
||||
;com.autoregister_casesensitive = false
|
||||
;com.autoregister_verbose = true
|
||||
;com.code_page=
|
||||
|
||||
[mbstring]
|
||||
;mbstring.language = Japanese
|
||||
;mbstring.internal_encoding =
|
||||
;mbstring.http_input =
|
||||
;mbstring.http_output =
|
||||
;mbstring.encoding_translation = Off
|
||||
;mbstring.detect_order = auto
|
||||
;mbstring.substitute_character = none
|
||||
;mbstring.func_overload = 0
|
||||
;mbstring.strict_detection = On
|
||||
;mbstring.http_output_conv_mimetype =
|
||||
|
||||
[gd]
|
||||
;gd.jpeg_ignore_warning = 0
|
||||
|
||||
[exif]
|
||||
;exif.encode_unicode = ISO-8859-15
|
||||
;exif.decode_unicode_motorola = UCS-2BE
|
||||
;exif.decode_unicode_intel = UCS-2LE
|
||||
;exif.encode_jis =
|
||||
;exif.decode_jis_motorola = JIS
|
||||
;exif.decode_jis_intel = JIS
|
||||
|
||||
[Tidy]
|
||||
;tidy.default_config = /usr/local/lib/php7/default.tcfg
|
||||
tidy.clean_output = Off
|
||||
|
||||
[soap]
|
||||
soap.wsdl_cache_enabled = 1
|
||||
soap.wsdl_cache_dir = "/var/lib/php/soap_cache"
|
||||
soap.wsdl_cache_ttl = 86400
|
||||
soap.wsdl_cache_limit = 5
|
||||
|
||||
[sysvshm]
|
||||
;sysvshm.init_mem = 10000
|
||||
|
||||
[ldap]
|
||||
ldap.max_links = -1
|
||||
|
||||
[mcrypt]
|
||||
;mcrypt.algorithms_dir =
|
||||
;mcrypt.modes_dir =
|
||||
|
||||
[dba]
|
||||
;dba.default_handler =
|
||||
|
||||
[opcache]
|
||||
;opcache.enable = 0
|
||||
;opcache.enable_cli = 0
|
||||
;opcache.memory_consumption = 64
|
||||
;opcache.interned_strings_buffer = 4
|
||||
;opcache.max_accelerated_files = 2000
|
||||
;opcache.max_wasted_percentage = 5
|
||||
;opcache.use_cwd = 1
|
||||
;opcache.validate_timestamps = 1
|
||||
;opcache.revalidate_freq = 2
|
||||
;opcache.revalidate_path = 0
|
||||
;opcache.save_comments = 1
|
||||
;opcache.fast_shutdown = 0
|
||||
;opcache.enable_file_override = 0
|
||||
;opcache.optimization_level = 0xffffffff
|
||||
;opcache.dups_fix = 0
|
||||
;opcache.blacklist_filename =
|
||||
;opcache.max_file_size = 0
|
||||
;opcache.consistency_checks = 0
|
||||
;opcache.force_restart_timeout = 180
|
||||
;opcache.error_log =
|
||||
;opcache.log_verbosity_level = 1
|
||||
;opcache.preferred_memory_model =
|
||||
;opcache.protect_memory = 0
|
||||
;opcache.restrict_api =
|
||||
;opcache.mmap_base =
|
||||
;opcache.file_cache =
|
||||
;opcache.file_cache_only = 0
|
||||
;opcache.file_cache_consistency_checks = 1
|
||||
;opcache.file_cache_fallback = 1
|
||||
;opcache.huge_code_pages = 1
|
||||
;opcache.validate_permission = 0
|
||||
;opcache.validate_root = 0
|
||||
|
||||
[curl]
|
||||
curl.cainfo = /etc/ssl/certs/ca-certificates.crt
|
||||
|
||||
[openssl]
|
||||
openssl.cafile = /etc/ssl/certs/ca-certificates.crt
|
||||
openssl.capath = /etc/ssl/certs
|
4
overlay/etc/services.d/.s6-svscan/crash
Executable file
4
overlay/etc/services.d/.s6-svscan/crash
Executable file
@ -0,0 +1,4 @@
|
||||
#!/bin/sh
|
||||
set -e
|
||||
echo "Container crashed. Exiting..."
|
||||
exit 1
|
2
overlay/etc/services.d/.s6-svscan/finish
Executable file
2
overlay/etc/services.d/.s6-svscan/finish
Executable file
@ -0,0 +1,2 @@
|
||||
#!/bin/sh
|
||||
exit 0
|
2
overlay/etc/services.d/cron/run
Executable file
2
overlay/etc/services.d/cron/run
Executable file
@ -0,0 +1,2 @@
|
||||
#!/bin/execlineb -P
|
||||
crond -f
|
2
overlay/etc/services.d/nginx/run
Executable file
2
overlay/etc/services.d/nginx/run
Executable file
@ -0,0 +1,2 @@
|
||||
#!/bin/execlineb -P
|
||||
nginx -g "daemon off;"
|
2
overlay/etc/services.d/php/run
Executable file
2
overlay/etc/services.d/php/run
Executable file
@ -0,0 +1,2 @@
|
||||
#!/bin/execlineb -P
|
||||
php-fpm7 -F
|
245
overlay/etc/templates/config.php.tmpl
Normal file
245
overlay/etc/templates/config.php.tmpl
Normal file
@ -0,0 +1,245 @@
|
||||
<?php
|
||||
|
||||
// Data folder (must be writeable by the web server user and absolute)
|
||||
define('DATA_DIR', '/var/www/app/data');
|
||||
|
||||
// Enable/Disable debug
|
||||
define('DEBUG', false);
|
||||
|
||||
// Available log drivers: syslog, stderr, stdout, system or file
|
||||
define('LOG_DRIVER', 'stdout');
|
||||
|
||||
// Plugins directory
|
||||
define('PLUGINS_DIR', '/var/www/app/plugins');
|
||||
|
||||
// Plugins directory URL
|
||||
define('PLUGIN_API_URL', 'https://kanboard.org/plugins.json');
|
||||
|
||||
// Enable/Disable plugin installer (Disabled by default for security reasons)
|
||||
// There is no code review or any approval process to submit a plugin.
|
||||
// This is up to the Kanboard instance owner to validate if a plugin is legit.
|
||||
define('PLUGIN_INSTALLER', {{ getenv "KANBOARD_PLUGIN_INSTALLER" "false" }});
|
||||
|
||||
// Available cache drivers are "file" and "memory"
|
||||
define('CACHE_DRIVER', '{{ getenv "KANBOARD_CACHE_DRIVER" "memory" }}');
|
||||
|
||||
// Cache folder to use if cache driver is "file" (must be writeable by the web server user)
|
||||
define('CACHE_DIR', '/var/www/app/data/cache');
|
||||
|
||||
// Folder for uploaded files (must be writeable by the web server user)
|
||||
define('FILES_DIR', '/var/www/app/data/files');
|
||||
|
||||
// Enable/disable email configuration from the user interface
|
||||
define('MAIL_CONFIGURATION', {{ getenv "KANBOARD_MAIL_CONFIGURATION" "true" }});
|
||||
|
||||
// E-mail address used for the "From" header (notifications)
|
||||
define('MAIL_FROM', '{{ getenv "KANBOARD_MAIL_FROM" }}');
|
||||
|
||||
// Mail transport available: "smtp", "sendmail", "mail" (PHP mail function), "postmark", "mailgun", "sendgrid"
|
||||
define('MAIL_TRANSPORT', '{{ getenv "KANBOARD_MAIL_TRANSPORT" "mail" }}');
|
||||
|
||||
// SMTP configuration to use when the "smtp" transport is chosen
|
||||
define('MAIL_SMTP_HOSTNAME', '{{ getenv "KANBOARD_MAIL_SMTP_HOSTNAME" }}');
|
||||
define('MAIL_SMTP_PORT', {{ getenv "KANBOARD_MAIL_SMTP_PORT" "25" }});
|
||||
define('MAIL_SMTP_USERNAME', '{{ getenv "KANBOARD_MAIL_SMTP_USERNAME" }}');
|
||||
define('MAIL_SMTP_PASSWORD', '{{ getenv "KANBOARD_MAIL_SMTP_PASSWORD" }}');
|
||||
// Valid values are null (not a string "null"), "ssl" or "tls"
|
||||
define('MAIL_SMTP_ENCRYPTION', {{ getenv "KANBOARD_MAIL_SMTP_ENCRYPTION" "null" }});
|
||||
|
||||
// Sendmail command to use when the transport is "sendmail"
|
||||
define('MAIL_SENDMAIL_COMMAND', '{{ getenv "KANBOARD_MAIL_SENDMAIL_COMMAND" "/usr/sbin/sendmail -bs" }}');
|
||||
|
||||
// Run automatically database migrations
|
||||
// If set to false, you will have to run manually the SQL migrations from the CLI during the next Kanboard upgrade
|
||||
// Do not run the migrations from multiple processes at the same time (example: web page + background worker)
|
||||
define('DB_RUN_MIGRATIONS', {{ getenv "KANBOARD_DB_RUN_MIGRATIONS" "true" }});
|
||||
|
||||
// Database driver: sqlite, mysql or postgres (sqlite by default)
|
||||
define('DB_DRIVER', '{{ getenv "KANBOARD_DB_DRIVER" "sqlite" }}');
|
||||
|
||||
// Mysql/Postgres username
|
||||
define('DB_USERNAME', '{{ getenv "KANBOARD_DB_USERNAME" "root" }}');
|
||||
|
||||
// Mysql/Postgres password
|
||||
define('DB_PASSWORD', '{{ getenv "KANBOARD_DB_PASSWORD" "root" }}');
|
||||
|
||||
// Mysql/Postgres hostname
|
||||
define('DB_HOSTNAME', '{{ getenv "KANBOARD_DB_HOSTNAME" "localhost" }}');
|
||||
|
||||
// Mysql/Postgres database name
|
||||
define('DB_NAME', '{{ getenv "KANBOARD_DB_NAME" "kanboard" }}');
|
||||
|
||||
// Mysql/Postgres custom port (null = default port)
|
||||
define('DB_PORT', {{ getenv "KANBOARD_DB_PORT" "null" }});
|
||||
|
||||
// Mysql SSL key
|
||||
define('DB_SSL_KEY', {{ getenv "KANBOARD_DB_SSL_KEY" "null" }});
|
||||
|
||||
// Mysql SSL certificate
|
||||
define('DB_SSL_CERT', {{ getenv "KANBOARD_DB_SSL_CERT" "null" }});
|
||||
|
||||
// Mysql SSL CA
|
||||
define('DB_SSL_CA', {{ getenv "KANBOARD_DB_SSL_CA" "null" }});
|
||||
|
||||
// Mysql SSL server verification, set to false if you don't want the Mysql driver to validate the certificate CN
|
||||
define('DB_VERIFY_SERVER_CERT', {{ getenv "KANBOARD_DB_VERIFY_SERVER_CERT" "null" }});
|
||||
|
||||
// Timeout value for PDO attribute
|
||||
define('DB_TIMEOUT', {{ getenv "KANBOARD_DB_TIMEOUT" "null" }});
|
||||
|
||||
// Enable LDAP authentication (false by default)
|
||||
define('LDAP_AUTH', {{ getenv "KANBOARD_LDAP_AUTH" "false" }});
|
||||
|
||||
// LDAP server hostname
|
||||
define('LDAP_SERVER', '{{ getenv "KANBOARD_LDAP_SERVER" }}');
|
||||
|
||||
// LDAP server port (389 by default)
|
||||
define('LDAP_PORT', {{ getenv "KANBOARD_LDAP_PORT" "389" }});
|
||||
|
||||
// By default, require certificate to be verified for ldaps:// style URL. Set to false to skip the verification
|
||||
define('LDAP_SSL_VERIFY', {{ getenv "KANBOARD_LDAP_SSL_VERIFY" "true" }});
|
||||
|
||||
// Enable LDAP START_TLS
|
||||
define('LDAP_START_TLS', {{ getenv "KANBOARD_LDAP_START_TLS" "false" }});
|
||||
|
||||
// By default Kanboard lowercase the ldap username to avoid duplicate users (the database is case sensitive)
|
||||
// Set to true if you want to preserve the case
|
||||
define('LDAP_USERNAME_CASE_SENSITIVE', {{ getenv "KANBOARD_LDAP_USERNAME_CASE_SENSITIVE" "false" }});
|
||||
|
||||
// LDAP bind type: "anonymous", "user" or "proxy"
|
||||
define('LDAP_BIND_TYPE', '{{ getenv "KANBOARD_LDAP_BIND_TYPE" "anonymous" }}');
|
||||
|
||||
// LDAP username to use with proxy mode
|
||||
// LDAP username pattern to use with user mode
|
||||
define('LDAP_USERNAME', {{ getenv "KANBOARD_LDAP_USERNAME" "null" }});
|
||||
|
||||
// LDAP password to use for proxy mode
|
||||
define('LDAP_PASSWORD', {{ getenv "KANBOARD_LDAP_PASSWORD" "null" }});
|
||||
|
||||
// LDAP DN for users
|
||||
// Example for ActiveDirectory: CN=Users,DC=kanboard,DC=local
|
||||
// Example for OpenLDAP: ou=People,dc=example,dc=com
|
||||
define('LDAP_USER_BASE_DN', '{{ getenv "KANBOARD_LDAP_USER_BASE_DN"}}');
|
||||
|
||||
// LDAP pattern to use when searching for a user account
|
||||
// Example for ActiveDirectory: '(&(objectClass=user)(sAMAccountName=%s))'
|
||||
// Example for OpenLDAP: 'uid=%s'
|
||||
define('LDAP_USER_FILTER', '{{ getenv "KANBOARD_LDAP_USER_FILTER"}}');
|
||||
|
||||
// LDAP attribute for username
|
||||
// Example for ActiveDirectory: 'samaccountname'
|
||||
// Example for OpenLDAP: 'uid'
|
||||
define('LDAP_USER_ATTRIBUTE_USERNAME', '{{ getenv "KANBOARD_LDAP_USER_ATTRIBUTE_USERNAME" "uid" }}');
|
||||
|
||||
// LDAP attribute for user full name
|
||||
// Example for ActiveDirectory: 'displayname'
|
||||
// Example for OpenLDAP: 'cn'
|
||||
define('LDAP_USER_ATTRIBUTE_FULLNAME', '{{ getenv "KANBOARD_LDAP_USER_ATTRIBUTE_FULLNAME" "cn" }}');
|
||||
|
||||
// LDAP attribute for user email
|
||||
define('LDAP_USER_ATTRIBUTE_EMAIL', '{{ getenv "KANBOARD_LDAP_USER_ATTRIBUTE_EMAIL" "mail" }}');
|
||||
|
||||
// LDAP attribute to find groups in user profile
|
||||
define('LDAP_USER_ATTRIBUTE_GROUPS', '{{ getenv "KANBOARD_LDAP_USER_ATTRIBUTE_GROUPS" "memberof" }}');
|
||||
|
||||
// LDAP attribute for user avatar image: thumbnailPhoto or jpegPhoto
|
||||
define('LDAP_USER_ATTRIBUTE_PHOTO', '{{ getenv "KANBOARD_LDAP_USER_ATTRIBUTE_PHOTO" }}');
|
||||
|
||||
// LDAP attribute for user language, example: 'preferredlanguage'
|
||||
// Put an empty string to disable language sync
|
||||
define('LDAP_USER_ATTRIBUTE_LANGUAGE', '{{ getenv "KANBOARD_LDAP_USER_ATTRIBUTE_LANGUAGE" }}');
|
||||
|
||||
// Allow automatic LDAP user creation
|
||||
define('LDAP_USER_CREATION', {{ getenv "KANBOARD_LDAP_USER_CREATION" "true" }});
|
||||
|
||||
// LDAP DN for administrators
|
||||
// Example: CN=Kanboard-Admins,CN=Users,DC=kanboard,DC=local
|
||||
define('LDAP_GROUP_ADMIN_DN', '{{ getenv "KANBOARD_LDAP_GROUP_ADMIN_DN" }}');
|
||||
|
||||
// LDAP DN for managers
|
||||
// Example: CN=Kanboard Managers,CN=Users,DC=kanboard,DC=local
|
||||
define('LDAP_GROUP_MANAGER_DN', '{{ getenv "KANBOARD_LDAP_GROUP_MANAGER_DN" }}');
|
||||
|
||||
// Enable LDAP group provider for project permissions
|
||||
// The end-user will be able to browse LDAP groups from the user interface and allow access to specified projects
|
||||
define('LDAP_GROUP_PROVIDER', {{ getenv "KANBOARD_LDAP_GROUP_PROVIDER" "false" }});
|
||||
|
||||
// LDAP Base DN for groups
|
||||
define('LDAP_GROUP_BASE_DN', '{{ getenv "KANBOARD_LDAP_GROUP_BASE_DN" }}');
|
||||
|
||||
// LDAP group filter
|
||||
// Example for ActiveDirectory: (&(objectClass=group)(sAMAccountName=%s*))
|
||||
define('LDAP_GROUP_FILTER', '{{ getenv "KANBOARD_LDAP_GROUP_FILTER" }}');
|
||||
|
||||
// LDAP user group filter
|
||||
// If this filter is configured, Kanboard will search user groups in LDAP_GROUP_BASE_DN with this filter
|
||||
// Example for OpenLDAP: (&(objectClass=posixGroup)(memberUid=%s))
|
||||
define('LDAP_GROUP_USER_FILTER', '{{ getenv "KANBOARD_LDAP_GROUP_USER_FILTER" }}');
|
||||
|
||||
// LDAP attribute for the group name
|
||||
define('LDAP_GROUP_ATTRIBUTE_NAME', '{{ getenv "KANBOARD_LDAP_GROUP_ATTRIBUTE_NAME" "cn" }}');
|
||||
|
||||
// Enable/disable the reverse proxy authentication
|
||||
define('REVERSE_PROXY_AUTH', {{ getenv "KANBOARD_REVERSE_PROXY_AUTH" "false" }});
|
||||
|
||||
// Header name to use for the username
|
||||
define('REVERSE_PROXY_USER_HEADER', '{{ getenv "KANBOARD_REVERSE_PROXY_USER_HEADER" "REMOTE_USER" }}');
|
||||
|
||||
// Username of the admin, by default blank
|
||||
define('REVERSE_PROXY_DEFAULT_ADMIN', '{{ getenv "KANBOARD_REVERSE_PROXY_DEFAULT_ADMIN" }}');
|
||||
|
||||
// Default domain to use for setting the email address
|
||||
define('REVERSE_PROXY_DEFAULT_DOMAIN', '{{ getenv "KANBOARD_REVERSE_PROXY_DEFAULT_DOMAIN" }}');
|
||||
|
||||
// Enable/disable remember me authentication
|
||||
define('REMEMBER_ME_AUTH', {{ getenv "KANBOARD_REMEMBER_ME_AUTH" "true" }});
|
||||
|
||||
// Enable or disable "Strict-Transport-Security" HTTP header
|
||||
define('ENABLE_HSTS', false);
|
||||
|
||||
// Enable or disable "X-Frame-Options: DENY" HTTP header
|
||||
define('ENABLE_XFRAME', false);
|
||||
|
||||
// Escape html inside markdown text
|
||||
define('MARKDOWN_ESCAPE_HTML', {{ getenv "KANBOARD_MARKDOWN_ESCAPE_HTML" "true" }});
|
||||
|
||||
// API alternative authentication header, the default is HTTP Basic Authentication defined in RFC2617
|
||||
define('API_AUTHENTICATION_HEADER', '{{ getenv "KANBOARD_API_AUTHENTICATION_HEADER" }}');
|
||||
|
||||
// Enable/disable url rewrite
|
||||
define('ENABLE_URL_REWRITE', {{ getenv "KANBOARD_ENABLE_URL_REWRITE" "false" }});
|
||||
|
||||
// Hide login form, useful if all your users use Google/Github/ReverseProxy authentication
|
||||
define('HIDE_LOGIN_FORM', {{ getenv "KANBOARD_HIDE_LOGIN_FORM" "false" }});
|
||||
|
||||
// Disabling logout (useful for external SSO authentication)
|
||||
define('DISABLE_LOGOUT', {{ getenv "KANBOARD_DISABLE_LOGOUT" "false" }});
|
||||
|
||||
// Enable captcha after 3 authentication failure
|
||||
define('BRUTEFORCE_CAPTCHA', {{ getenv "KANBOARD_BRUTEFORCE_CAPTCHA" "3" }});
|
||||
|
||||
// Lock the account after 6 authentication failure
|
||||
define('BRUTEFORCE_LOCKDOWN', {{ getenv "KANBOARD_BRUTEFORCE_LOCKDOWN" "6" }});
|
||||
|
||||
// Lock account duration in minute
|
||||
define('BRUTEFORCE_LOCKDOWN_DURATION', {{ getenv "KANBOARD_BRUTEFORCE_LOCKDOWN_DURATION" "15" }});
|
||||
|
||||
// Session duration in second (0 = until the browser is closed)
|
||||
// See http://php.net/manual/en/session.configuration.php#ini.session.cookie-lifetime
|
||||
define('SESSION_DURATION', {{ getenv "KANBOARD_SESSION_DURATION" "0" }});
|
||||
|
||||
// HTTP client proxy
|
||||
define('HTTP_PROXY_HOSTNAME', '{{ getenv "KANBOARD_HTTP_PROXY_HOSTNAME" }}');
|
||||
define('HTTP_PROXY_PORT', '{{ getenv "KANBOARD_HTTP_PROXY_PORT" "3128" }}');
|
||||
define('HTTP_PROXY_USERNAME', '{{ getenv "KANBOARD_HTTP_PROXY_USERNAME" }}');
|
||||
define('HTTP_PROXY_PASSWORD', '{{ getenv "KANBOARD_HTTP_PROXY_PASSWORD" }}');
|
||||
define('HTTP_PROXY_EXCLUDE', '{{ getenv "KANBOARD_HTTP_PROXY_EXCLUDE" "localhost" }}');
|
||||
|
||||
// Set to false to allow self-signed certificates
|
||||
define('HTTP_VERIFY_SSL_CERTIFICATE', {{ getenv "KANBOARD_HTTP_VERIFY_SSL_CERTIFICATE" "true" }});
|
||||
|
||||
// TOTP (2FA) issuer name
|
||||
define('TOTP_ISSUER', '{{ getenv "KANBOARD_TOTP_ISSUER" "Kanboard" }}');
|
||||
|
||||
// Comma separated list of fields to not synchronize when using external authentication providers
|
||||
define('EXTERNAL_AUTH_EXCLUDE_FIELDS', '{{ getenv "KANBOARD_EXTERNAL_AUTH_EXCLUDE_FIELDS" "username" }}');
|
391
overlay/etc/templates/php.ini.tmpl
Normal file
391
overlay/etc/templates/php.ini.tmpl
Normal file
@ -0,0 +1,391 @@
|
||||
[PHP]
|
||||
user_ini.filename = ".user.ini"
|
||||
user_ini.cache_ttl = 300
|
||||
|
||||
engine = On
|
||||
short_open_tag = Off
|
||||
|
||||
precision = 14
|
||||
|
||||
output_buffering = 0
|
||||
;output_handler =
|
||||
|
||||
zlib.output_compression = Off
|
||||
;zlib.output_compression_level = -1
|
||||
;zlib.output_handler =
|
||||
|
||||
implicit_flush = Off
|
||||
|
||||
unserialize_callback_func =
|
||||
serialize_precision = 17
|
||||
|
||||
open_basedir = "/var/www/app:/var/lib/php/tmp_upload:/var/lib/php/session:/var/lib/php/soap_cache"
|
||||
|
||||
disable_functions = system, exec, shell_exec, phpinfo, show_source, highlight_file, popen, proc_open, fopen_with_path, dbmopen, dbase_open, putenv, move_uploaded_file, mkdir, rmdir, chmod, rename, filepro, filepro_rowcount, filepro_retrieve, posix_mkfifo
|
||||
disable_classes =
|
||||
|
||||
;highlight.string = #DD0000
|
||||
;highlight.comment = #FF9900
|
||||
;highlight.keyword = #007700
|
||||
;highlight.default = #0000BB
|
||||
;highlight.html = #000000
|
||||
|
||||
;ignore_user_abort = On
|
||||
|
||||
;realpath_cache_size = 16k
|
||||
;realpath_cache_ttl = 120
|
||||
|
||||
zend.enable_gc = On
|
||||
;zend.multibyte = Off
|
||||
;zend.script_encoding =
|
||||
|
||||
expose_php = {{ getenv "PHP_EXPOSE_PHP" "Off" }}
|
||||
|
||||
max_execution_time = {{ getenv "PHP_MAX_EXECUTION_TIME" "30" }}
|
||||
max_input_time = {{ getenv "PHP_MAX_INPUT_TIME" "60" }}
|
||||
;max_input_nesting_level = 64
|
||||
max_input_vars = 100
|
||||
memory_limit = {{ getenv "PHP_MEMORY_LIMIT" "50M" }}
|
||||
|
||||
error_reporting = {{ getenv "PHP_ERROR_REPORTING" "E_ALL & ~E_DEPRECATED & ~E_STRICT" }}
|
||||
display_errors = {{ getenv "PHP_DISPLAY_ERRORS" "Off" }}
|
||||
display_startup_errors = {{ getenv "PHP_DISPLAY_STARTUP_ERRORS" "Off" }}
|
||||
log_errors = {{ getenv "PHP_LOG_ERRORS" "On" }}
|
||||
log_errors_max_len = {{ getenv "PHP_LOG_ERRORS_MAX_LEN" "1024" }}
|
||||
ignore_repeated_errors = {{ getenv "PHP_IGNORE_REPEATED_ERRORS" "Off" }}
|
||||
ignore_repeated_source = {{ getenv "PHP_IGNORE_REPEATED_SOURCE" "Off" }}
|
||||
report_memleaks = {{ getenv "PHP_REPORT_MEMLEAKS" "On" }}
|
||||
;report_zend_debug = 0
|
||||
;xmlrpc_errors = 0
|
||||
;xmlrpc_error_number = 0
|
||||
html_errors = {{ getenv "PHP_HTML_ERRORS" "On" }}
|
||||
;docref_root = "/phpmanual/"
|
||||
;docref_ext = .html
|
||||
;error_prepend_string = "<span style='color: #ff0000'>"
|
||||
;error_append_string = "</span>"
|
||||
error_log = {{ getenv "PHP_ERROR_LOG" "/proc/self/fd/2"}}
|
||||
;windows.show_crt_warning
|
||||
|
||||
;arg_separator.output = "&"
|
||||
;arg_separator.input = ";&"
|
||||
|
||||
variables_order = "GPCS"
|
||||
request_order = "GP"
|
||||
|
||||
register_argc_argv = Off
|
||||
auto_globals_jit = On
|
||||
;enable_post_data_reading = Off
|
||||
post_max_size = {{ getenv "PHP_POST_MAX_SIZE" "8M" }}
|
||||
|
||||
auto_prepend_file =
|
||||
auto_append_file =
|
||||
|
||||
default_mimetype = "text/html"
|
||||
default_charset = "UTF-8"
|
||||
;internal_encoding =
|
||||
;input_encoding =
|
||||
;output_encoding =
|
||||
|
||||
;include_path = ".:/php7/includes"
|
||||
|
||||
doc_root =
|
||||
user_dir =
|
||||
|
||||
extension_dir = "/usr/lib/php7/modules"
|
||||
;sys_temp_dir = "/tmp"
|
||||
enable_dl = Off
|
||||
|
||||
cgi.force_redirect = 1
|
||||
;cgi.nph = 1
|
||||
;cgi.redirect_status_env =
|
||||
cgi.fix_pathinfo = 0
|
||||
cgi.discard_path = 1
|
||||
|
||||
;fastcgi.impersonate = 1
|
||||
;fastcgi.logging = 0
|
||||
;cgi.rfc2616_headers = 0
|
||||
;cgi.check_shebang_line = 1
|
||||
|
||||
file_uploads = {{ getenv "PHP_FILE_UPLOADS" "Off" }}
|
||||
upload_tmp_dir = /var/lib/php/tmp_upload
|
||||
upload_max_filesize = {{ getenv "PHP_UPLOAD_MAX_FILESIZE" "2M" }}
|
||||
max_file_uploads = {{ getenv "PHP_MAX_FILE_UPLOADS" "2" }}
|
||||
|
||||
allow_url_fopen = {{ getenv "PHP_ALLOW_URL_FOPEN" "On" }}
|
||||
allow_url_include = {{ getenv "PHP_ALLOW_URL_INCLUDE" "Off" }}
|
||||
|
||||
;from="john@doe.com"
|
||||
;user_agent="PHP"
|
||||
|
||||
default_socket_timeout = 60
|
||||
;auto_detect_line_endings = Off
|
||||
|
||||
[CLI Server]
|
||||
cli_server.color = On
|
||||
|
||||
[Date]
|
||||
date.timezone = {{ getenv "PHP_DATE_TIMEZONE" "Europe/Berlin" }}
|
||||
;date.default_latitude = 31.7667
|
||||
;date.default_longitude = 35.2333
|
||||
;date.sunrise_zenith = 90.583333
|
||||
;date.sunset_zenith = 90.583333
|
||||
|
||||
[filter]
|
||||
;filter.default = unsafe_raw
|
||||
;filter.default_flags =
|
||||
|
||||
[iconv]
|
||||
;iconv.input_encoding =
|
||||
;iconv.internal_encoding =
|
||||
;iconv.output_encoding =
|
||||
|
||||
[intl]
|
||||
;intl.default_locale =
|
||||
;intl.error_level = E_WARNING
|
||||
;intl.use_exceptions = 0
|
||||
|
||||
[sqlite3]
|
||||
;sqlite3.extension_dir =
|
||||
|
||||
[Pcre]
|
||||
;pcre.backtrack_limit = 100000
|
||||
;pcre.recursion_limit = 100000
|
||||
;pcre.jit = 1
|
||||
|
||||
[Pdo]
|
||||
;pdo_odbc.connection_pooling = strict
|
||||
;pdo_odbc.db2_instance_name
|
||||
|
||||
[Pdo_mysql]
|
||||
pdo_mysql.cache_size = 2000
|
||||
pdo_mysql.default_socket =
|
||||
|
||||
[Phar]
|
||||
;phar.readonly = On
|
||||
;phar.require_hash = On
|
||||
;phar.cache_list =
|
||||
|
||||
[mail function]
|
||||
SMTP = localhost
|
||||
smtp_port = 25
|
||||
;sendmail_path =
|
||||
|
||||
;mail.force_extra_parameters =
|
||||
mail.add_x_header = On
|
||||
;mail.log =
|
||||
;mail.log = syslog
|
||||
|
||||
[SQL]
|
||||
sql.safe_mode = {{ getenv "PHP_SQL_SAFE_MODE" "On" }}
|
||||
|
||||
[ODBC]
|
||||
;odbc.default_db = Not yet implemented
|
||||
;odbc.default_user = Not yet implemented
|
||||
;odbc.default_pw = Not yet implemented
|
||||
;odbc.default_cursortype
|
||||
odbc.allow_persistent = On
|
||||
odbc.check_persistent = On
|
||||
odbc.max_persistent = -1
|
||||
odbc.max_links = -1
|
||||
odbc.defaultlrl = 4096
|
||||
odbc.defaultbinmode = 1
|
||||
;birdstep.max_links = -1
|
||||
|
||||
[Interbase]
|
||||
ibase.allow_persistent = 1
|
||||
ibase.max_persistent = -1
|
||||
ibase.max_links = -1
|
||||
;ibase.default_db =
|
||||
;ibase.default_user =
|
||||
;ibase.default_password =
|
||||
;ibase.default_charset =
|
||||
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
|
||||
ibase.dateformat = "%Y-%m-%d"
|
||||
ibase.timeformat = "%H:%M:%S"
|
||||
|
||||
[MySQLi]
|
||||
;mysqli.allow_local_infile = On
|
||||
mysqli.max_persistent = -1
|
||||
mysqli.allow_persistent = On
|
||||
mysqli.max_links = -1
|
||||
mysqli.cache_size = 2000
|
||||
mysqli.default_port = 3306
|
||||
mysqli.default_socket =
|
||||
mysqli.default_host =
|
||||
mysqli.default_user =
|
||||
mysqli.default_pw =
|
||||
mysqli.reconnect = Off
|
||||
|
||||
[mysqlnd]
|
||||
mysqlnd.collect_statistics = On
|
||||
mysqlnd.collect_memory_statistics = Off
|
||||
;mysqlnd.debug =
|
||||
;mysqlnd.log_mask = 0
|
||||
;mysqlnd.mempool_default_size = 16000
|
||||
;mysqlnd.net_cmd_buffer_size = 2048
|
||||
;mysqlnd.net_read_buffer_size = 32768
|
||||
;mysqlnd.net_read_timeout = 31536000
|
||||
;mysqlnd.sha256_server_public_key =
|
||||
|
||||
[OCI8]
|
||||
;oci8.privileged_connect = Off
|
||||
;oci8.max_persistent = -1
|
||||
;oci8.persistent_timeout = -1
|
||||
;oci8.ping_interval = 60
|
||||
;oci8.connection_class =
|
||||
;oci8.events = Off
|
||||
;oci8.statement_cache_size = 20
|
||||
;oci8.default_prefetch = 100
|
||||
;oci8.old_oci_close_semantics = Off
|
||||
|
||||
[PostgreSQL]
|
||||
pgsql.allow_persistent = On
|
||||
pgsql.auto_reset_persistent = Off
|
||||
pgsql.max_persistent = -1
|
||||
pgsql.max_links = -1
|
||||
pgsql.ignore_notice = 0
|
||||
pgsql.log_notice = 0
|
||||
|
||||
[bcmath]
|
||||
bcmath.scale = 0
|
||||
|
||||
[browscap]
|
||||
browscap = /etc/php7/browscap.ini
|
||||
|
||||
[Session]
|
||||
session.save_handler = files
|
||||
session.save_path = "/var/lib/php/session"
|
||||
session.use_strict_mode = 1
|
||||
session.use_cookies = 1
|
||||
session.cookie_secure = 0
|
||||
session.use_only_cookies = 1
|
||||
session.name = PHPSESSID
|
||||
session.auto_start = Off
|
||||
session.cookie_lifetime = 14400
|
||||
session.cookie_path = /
|
||||
session.cookie_domain =
|
||||
session.cookie_httponly = 1
|
||||
session.serialize_handler = php
|
||||
session.gc_probability = 1
|
||||
session.gc_divisor = 1000
|
||||
session.gc_maxlifetime = 1440
|
||||
session.referer_check =
|
||||
;session.entropy_length = 32
|
||||
;session.entropy_file = /dev/urandom
|
||||
session.cache_limiter = nocache
|
||||
session.cache_expire = 30
|
||||
session.use_trans_sid = 0
|
||||
session.hash_function = sha512
|
||||
session.hash_bits_per_character = 5
|
||||
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
|
||||
;session.upload_progress.enabled = On
|
||||
;session.upload_progress.cleanup = On
|
||||
;session.upload_progress.prefix = "upload_progress_"
|
||||
;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS"
|
||||
;session.upload_progress.freq = "1%"
|
||||
;session.upload_progress.min_freq = "1"
|
||||
;session.lazy_write = On
|
||||
|
||||
[Assertion]
|
||||
zend.assertions = -1
|
||||
;assert.active = On
|
||||
;assert.exception = On
|
||||
;assert.warning = On
|
||||
;assert.bail = Off
|
||||
;assert.callback = 0
|
||||
;assert.quiet_eval = 0
|
||||
|
||||
[COM]
|
||||
;com.typelib_file =
|
||||
;com.allow_dcom = true
|
||||
;com.autoregister_typelib = true
|
||||
;com.autoregister_casesensitive = false
|
||||
;com.autoregister_verbose = true
|
||||
;com.code_page=
|
||||
|
||||
[mbstring]
|
||||
;mbstring.language = Japanese
|
||||
;mbstring.internal_encoding =
|
||||
;mbstring.http_input =
|
||||
;mbstring.http_output =
|
||||
;mbstring.encoding_translation = Off
|
||||
;mbstring.detect_order = auto
|
||||
;mbstring.substitute_character = none
|
||||
;mbstring.func_overload = 0
|
||||
;mbstring.strict_detection = On
|
||||
;mbstring.http_output_conv_mimetype =
|
||||
|
||||
[gd]
|
||||
;gd.jpeg_ignore_warning = 0
|
||||
|
||||
[exif]
|
||||
;exif.encode_unicode = ISO-8859-15
|
||||
;exif.decode_unicode_motorola = UCS-2BE
|
||||
;exif.decode_unicode_intel = UCS-2LE
|
||||
;exif.encode_jis =
|
||||
;exif.decode_jis_motorola = JIS
|
||||
;exif.decode_jis_intel = JIS
|
||||
|
||||
[Tidy]
|
||||
;tidy.default_config = /usr/local/lib/php7/default.tcfg
|
||||
tidy.clean_output = Off
|
||||
|
||||
[soap]
|
||||
soap.wsdl_cache_enabled = 1
|
||||
soap.wsdl_cache_dir = "/var/lib/php/soap_cache"
|
||||
soap.wsdl_cache_ttl = 86400
|
||||
soap.wsdl_cache_limit = 5
|
||||
|
||||
[sysvshm]
|
||||
;sysvshm.init_mem = 10000
|
||||
|
||||
[ldap]
|
||||
ldap.max_links = -1
|
||||
|
||||
[mcrypt]
|
||||
;mcrypt.algorithms_dir =
|
||||
;mcrypt.modes_dir =
|
||||
|
||||
[dba]
|
||||
;dba.default_handler =
|
||||
|
||||
[opcache]
|
||||
;opcache.enable = 0
|
||||
;opcache.enable_cli = 0
|
||||
;opcache.memory_consumption = 64
|
||||
;opcache.interned_strings_buffer = 4
|
||||
;opcache.max_accelerated_files = 2000
|
||||
;opcache.max_wasted_percentage = 5
|
||||
;opcache.use_cwd = 1
|
||||
;opcache.validate_timestamps = 1
|
||||
;opcache.revalidate_freq = 2
|
||||
;opcache.revalidate_path = 0
|
||||
;opcache.save_comments = 1
|
||||
;opcache.fast_shutdown = 0
|
||||
;opcache.enable_file_override = 0
|
||||
;opcache.optimization_level = 0xffffffff
|
||||
;opcache.dups_fix = 0
|
||||
;opcache.blacklist_filename =
|
||||
;opcache.max_file_size = 0
|
||||
;opcache.consistency_checks = 0
|
||||
;opcache.force_restart_timeout = 180
|
||||
;opcache.error_log =
|
||||
;opcache.log_verbosity_level = 1
|
||||
;opcache.preferred_memory_model =
|
||||
;opcache.protect_memory = 0
|
||||
;opcache.restrict_api =
|
||||
;opcache.mmap_base =
|
||||
;opcache.file_cache =
|
||||
;opcache.file_cache_only = 0
|
||||
;opcache.file_cache_consistency_checks = 1
|
||||
;opcache.file_cache_fallback = 1
|
||||
;opcache.huge_code_pages = 1
|
||||
;opcache.validate_permission = 0
|
||||
;opcache.validate_root = 0
|
||||
|
||||
[curl]
|
||||
curl.cainfo = /etc/ssl/certs/ca-certificates.crt
|
||||
|
||||
[openssl]
|
||||
openssl.cafile = /etc/ssl/certs/ca-certificates.crt
|
||||
openssl.capath = /etc/ssl/certs
|
8
overlay/usr/local/bin/entrypoint.sh
Executable file
8
overlay/usr/local/bin/entrypoint.sh
Executable file
@ -0,0 +1,8 @@
|
||||
#!/bin/sh
|
||||
/usr/local/bin/gomplate -V -o /etc/php7/php.ini -f /etc/templates/php.ini.tmpl
|
||||
/usr/local/bin/gomplate -V -o /var/www/app/config.php -f /etc/templates/config.php.tmpl
|
||||
|
||||
chown -R nginx:nginx /var/www/app/data
|
||||
chown -R nginx:nginx /var/www/app/plugins
|
||||
|
||||
exec /bin/s6-svscan /etc/services.d
|
17
overlay/usr/local/bin/healthcheck.sh
Executable file
17
overlay/usr/local/bin/healthcheck.sh
Executable file
@ -0,0 +1,17 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -eo pipefail
|
||||
URL=http://localhost
|
||||
|
||||
wget --quiet --tries=1 --spider ${URL}
|
||||
[ $? -ne 0 ] && exit 1
|
||||
|
||||
CONTENT=$(wget --quiet -O - ${URL})
|
||||
case "$CONTENT" in
|
||||
*Exception*) exit 1 ;;
|
||||
*alert-*alert-*SELF_URL_PATH*) exit 1 ;;
|
||||
*alert-*SELF_URL_PATH*alert-*) exit 1 ;;
|
||||
*SELF_URL_PATH*alert-*alert-*) exit 1 ;;
|
||||
esac
|
||||
|
||||
exit 0
|
Reference in New Issue
Block a user